Physical Security

ContractHub data centers (handled by Amazon AWS) are state of the art, utilizing innovative architectural and engineering approaches. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure.

Servers

All servers that run ContractHub software in production are recent, continuously patched Linux systems. Additional hosted services that we utilize, such as Amazon RDS, S3, and others, are comprehensively hardened AWS infrastructure-as-a-service (IaaS) platforms.

Vulnerability testing

Web application security is evaluated by the development team in sync with the application release cycle. This vulnerability testing includes the use of commonly known web application security toolkits and scanners to identify application vulnerabilities before they are released into production.

Backups

ContractHub runs full daily automated backups of our databases and all user documents. All backups are encrypted and stored independently across 2 regions, (1) America and (2) Australia, and are further auto-replicated within each region by AWS to provide resiliency. This guarantees maximum protection and independence between layers.

Encryption

Every transaction on the ContractHub platform is processed by a closely monitored server infrastructure and encrypted using industry-standard 256-bit HTTPS encryption.

System Monitoring

At ContractHub, the production application and underlying infrastructure components are monitored 24/7, 365 days a year.

Application architecture

The ContractHub web application is multi-tiered into logical segments (front-end, API, and database), each separated from the others in a DMZ configuration. This guarantees maximum protection and independence between layers.

Passwords & Tokens

Passwords and verification tokens are stored encrypted using modern, state-of-the-art solutions, including the bcrypt key derivation function. We don’t store plain data but use cryptographic one-way hash functions.

Secured Documents

Contracts can only be viewed through the website using a verified account or using a unique key that is embedded within the recipient’s email link.

Sessions

Session data is remembered on both the client side and the server side, which improves security in case of any malicious operations.